API tools faq
paste
Advertisement
Guest User

default-ldap-users-directory-config.xml

a guest
Jul 16th, 2013
235
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
XML 4.79 KB | None | 0 0
raw download clone embed print report
  1. <?xml version="1.0"?>
  2. <component name="org.nuxeo.ecm.directory.ldap.storage.users">
  3.  
  4.   <require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory</require>
  5.  
  6.   <!-- the groups SQL directories are required to make this bundle work -->
  7.   <require>org.nuxeo.ecm.directory.sql.storage</require>
  8.  
  9.   <extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"
  10.     point="servers">
  11.  
  12.     <!-- Configuration of a server connection
  13.  
  14.       A single server declaration can point to a cluster of replicated
  15.       servers (using OpenLDAP's slapd + sluprd for instance). To leverage
  16.       such a cluster and improve availability, please provide one
  17.       <ldapUrl/> tag for each replica of the cluster.
  18.     -->
  19.     <server name="default">
  20.  
  21.       <ldapUrl>ldap://win2k1201:389</ldapUrl>
  22.       <!-- Optional servers from the same cluster for failover
  23.         and load balancing:
  24.  
  25.         <ldapUrl>ldap://server2:389</ldapUrl>
  26.         <ldapUrl>ldaps://server3:389</ldapUrl>
  27.  
  28.         "ldaps" means TLS/SSL connection.
  29.       -->
  30.  
  31.       <!-- Credentials used by Nuxeo5 to browse the directory, create
  32.         and modify entries.
  33.  
  34.         Only the authentication of users (bind) use the credentials entered
  35.         through the login form if any.
  36.       -->
  37.       <bindDn>CN=Nuxeo LDAP Service User,CN=Managed Service Accounts,DC=pinnsg,DC=com<bindDn>
  38.       <bindPassword>secret</bindPassword>
  39.     </server>
  40.  
  41.   </extension>
  42.  
  43.   <extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"
  44.     point="directories">
  45.  
  46.     <directory name="userDirectory">
  47.       <server>default</server>
  48.       <schema>user</schema>
  49.       <idField>username</idField>
  50.       <passwordField>password</passwordField>
  51.  
  52.       <searchBaseDn>OU=Pinnacle Solutions Group,DC=pinnsg,DC=com</searchBaseDn>
  53.       <searchClass>person</searchClass>
  54.       <!-- To additionally restricte entries you can add an
  55.         arbitrary search filter such as the following:
  56.  
  57.         <searchFilter>(&amp;(sn=toto*)(myCustomAttribute=somevalue))</searchFilter>
  58.  
  59.         Beware that "&" writes "&amp;" in XML.
  60.       -->
  61.  
  62.       <!-- use subtree if the people branch is nested -->
  63.       <searchScope>onelevel</searchScope>
  64.  
  65.       <!-- using 'subany', search will match *toto*. use 'subfinal' to
  66.         match *toto and 'subinitial' to match toto*. subinitial is the
  67.         default  behaviour-->
  68.       <substringMatchType>subany</substringMatchType>
  69.  
  70.       <readOnly>false</readOnly>
  71.  
  72.       <!-- comment <cache* /> tags to disable the cache -->
  73.       <!-- cache timeout in seconds -->
  74.       <cacheTimeout>3600</cacheTimeout>
  75.  
  76.       <!-- maximum number of cached entries before global invalidation -->
  77.       <cacheMaxSize>1000</cacheMaxSize>
  78.  
  79.       <!--
  80.            If the id field is not returned by the search, we set it with the searched entry, probably the login.
  81.            Before setting it, you can change its case. Accepted values are 'lower' and 'upper',
  82.            anything else will not change the case.
  83.       -->
  84.       <missingIdFieldCase>lower</missingIdFieldCase>
  85.  
  86.       <!-- Maximum number of entries returned by the search -->
  87.       <querySizeLimit>200</querySizeLimit>
  88.  
  89.       <!-- Time to wait for a search to finish. 0 to wait indefinitely -->
  90.       <queryTimeLimit>0</queryTimeLimit>
  91.  
  92.       <creationBaseDn>OU=Pinnacle Solutions Group,DC=pinnsg,DC=com</creationBaseDn>
  93.       <creationClass>top</creationClass>
  94.       <creationClass>person</creationClass>
  95.       <creationClass>organizationalPerson</creationClass>
  96.       <creationClass>user</creationClass>
  97.  
  98.       <rdnAttribute>uid</rdnAttribute>
  99.       <fieldMapping name="username">sAMAccountName</fieldMapping>
  100.       <fieldMapping name="password">userPassword</fieldMapping>
  101.       <fieldMapping name="firstName">givenName</fieldMapping>
  102.       <fieldMapping name="lastName">sn</fieldMapping>
  103.       <fieldMapping name="company">o</fieldMapping>
  104.       <fieldMapping name="email">mail</fieldMapping>
  105.  
  106.       <references>
  107.  
  108.         <inverseReference field="groups" directory="groupDirectory"
  109.           dualReferenceField="members" />
  110.  
  111.       </references>
  112.  
  113.     </directory>
  114.  
  115.   </extension>
  116.  
  117.   <extension target="org.nuxeo.ecm.platform.usermanager.UserService" point="userManager">
  118.  
  119.     <userManager>
  120.       <defaultAdministratorId>Administrator</defaultAdministratorId>
  121.       <defaultGroup>members</defaultGroup>
  122.     </userManager>
  123.  
  124.   </extension>
  125.  
  126. </component>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!